0

I am making a report problem link on my website and I want it to email me the last address they were on before clicking on the report link. I know/think you use $_SERVER['HTTP_REFERER'] but I dont know how to put that in the mail code?So how would you write that here is my mail code with out it.

Mail("email@email.com", "Subject", "Message");
echo "Report Sent";
Major Productions
  • 5,914
  • 13
  • 70
  • 149
Max Gee
  • 117
  • 1
  • 3
  • 9
  • 4
    referers are unreliable. many browsers don't include it for privacy reasons, and others include forged/faked ones. – Marc B Oct 07 '12 at 01:27
  • @MarcB Do you know how I would get something link that to work then? – Max Gee Oct 07 '12 at 01:29
  • There's nothing you can do for that... You still can use it, but it some case you won't have anything. – poudigne Oct 07 '12 at 01:31
  • embed the address of the page in the url you pass to the problem reporter, eg. `http://example.com/problem.php?url=http://example.com/page_you_are_on.php` – Marc B Oct 07 '12 at 01:31
  • @MarcB Where would I embed it to do that? – Max Gee Oct 07 '12 at 01:33

2 Answers2

0

The message should be a variable that you can put information in:

$message = "Error report: <p>Last site visited: {$_SERVER['HTTP_REFERER']}</p>....";

mail("email@email.com", "Subject", $message);

Note that the HTTP_REFERER bit is placed within {} in the string. That's to force it to extrapolate the value (I don't like string concatenation).

Also note that, as has been said above, there's no guarantee that the REFERER will have the right value, or any value at all.

Major Productions
  • 5,914
  • 13
  • 70
  • 149
  • How would go about reporting this without using the refer style? – Max Gee Oct 07 '12 at 01:37
  • You could send the value to PHP asynchronously using JavaScript. JS has the current location/url value in `document.URL` – Major Productions Oct 07 '12 at 01:40
  • Do you want the address of the CURRENT url they're at when they click the report button, or the PREVIOUS url? If they found a page from Google, would you want to capture that? – Major Productions Oct 07 '12 at 01:43
  • What I am trying to get it to do is that if someone finds a error on my website I would want them to click on the link to report problem and then it would send me the address of the last part of the website they were at when they clicked on that link. – Max Gee Oct 07 '12 at 01:48
  • I guess it would be the CURRENT address – Max Gee Oct 07 '12 at 01:51
  • In that case, I recommend a different design. You're not guaranteed that a user will report an error immediately after encountering it. For detectable system errors (like, not being able to connect to the db), the error should be logged and sent automatically to you behind the scenes. For something a user should report, have them fill out a form that asks for the url and a description of the problem – Major Productions Oct 07 '12 at 01:53
  • Ok,Thanks do you know what browsers dont support REFFER cause it is working exactly how it is supposed to in safari and google chrome at the moment? – Max Gee Oct 07 '12 at 01:56
  • I do not. It's one of those things that has a *chance* to be missing/spoofed/wrong, so it's not good to use for critical functionality. It's up to you to weigh whether error reporting is critical. – Major Productions Oct 07 '12 at 01:58
  • No problem. I hope I was actually helpful. ;) – Major Productions Oct 07 '12 at 02:02
  • 1
    Anonymizing proxies often have an option to take out referers. – Barmar Oct 07 '12 at 02:28
0

Beside everything that has been told about http referers that can be sniffed, anonymizing proxies and so on, relying on the HTTP_REFERER is not a good programming standard.

Instead, if you have, for example:

http://www.example.com/application/client.php

Where users can click on

http://www.example.com/application/report_problem.php

Just pass the "...client.php" string to the "...report_problem.php" report problem handler you will create.

It's easy to pass the "originating" page link to the "report_problem", and can be done like this:

<?php
    // pages where you will append the "problem link"

    // $this_page holds an "url encoded" version of the request uri ( e.g. /application/client.php )
    $this_page = rawurlencode ( $_SERVER["REQUEST_URI"] );
?>
<a href="report_problem.php?originating_page=<?=$this_page;?>">Report problem</a>

Then, in the "report_problem.php" code:

<?php
     // report_problem.php

     $originating_page = ( array_key_exists ( 'originating_page', $_GET ) && ! empty ( $_GET['originating_page'] ) ? rawurldecode ( $_GET['originating_page'] ) : null;

     if ( ! empty ( $originating_page ) ) {
              $message = 'Error report: <p>Last site visited: ' . $originating_page . '</p>....';
              mail("email@email.com", "Subject", $message);
     }
     else mail("email@email.com", "Subject", "Problem from unkown page");
 ?>
Maurizio
  • 469
  • 1
  • 4
  • 11